https://github.com/broadinstitute/python-sudoers

Python library for parsing a Linux sudoers file

https://github.com/broadinstitute/python-sudoers

Science Score: 36.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Committers with academic emails
    1 of 5 committers (20.0%) from academic institutions
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (17.2%) to scientific vocabulary

Keywords from Contributors

labels
Last synced: 10 months ago · JSON representation

Repository

Python library for parsing a Linux sudoers file

Basic Info
  • Host: GitHub
  • Owner: broadinstitute
  • License: bsd-3-clause
  • Language: Python
  • Default Branch: main
  • Size: 536 KB
Statistics
  • Stars: 7
  • Watchers: 11
  • Forks: 8
  • Open Issues: 2
  • Releases: 1
Created about 7 years ago · Last pushed 10 months ago
Metadata Files
Readme Changelog License

docs/README.md

pysudoers

This library provides a Python interface to the Linux sudoers file. python-sudoers is open sourced under the BSD 3-Clause license.

checks

Basics

pysudoers runs on Python >= 3.9

Features

This library parses a sudoers file into its component parts. It's not 100% compliant with the EBNF format of the file (yet), but it's getting there. Currently, the script parses out 6 distinct line types from the file:

  • Defaults (This is only a string currently. Pieces of a Defaults setting are not parsed/separated.)
  • Cmnd_Alias
  • Host_Alias
  • Runas_Alias
  • User_Alias
  • User specifications (which we call rules)

As user specifications are the most complicated, they are most likely the area that needs the most improvement. Currently, the following pieces of a user specification are separated out as part of the parsing:

  • User list
  • Host list
  • Command list (containing):
    • Tags
    • Run As notations
    • Commands

One caveat to add is, this module currently does not do anything with #include, #includedir, @include and @includedir lines, but simply ignores them. You can, however, parse any included files individually if needed, but any interdependencies between the files will not be resolved.

Installing

You can use pip to install pysudoers:

Shell pip install pysudoers

Examples

Parsing of the sudoers file is done as part of initializing the Sudoers object. So, you can start using the properties under Sudoers immediately. The following example will print out all the different "types" from the file:

```Python from pysudoers import Sudoers

sobj = Sudoers(path="tmp/sudoers")

for default in sobj.defaults: print(default)

for key in sobj.hostaliases: print(key) print(sobj.hostaliases[key])

for key in sobj.cmndaliases: print(key) print(sobj.cmndaliases[key])

for key in sobj.runasaliases: print(key) print(sobj.runasaliases[key])

for key in sobj.useraliases: print(key) print(sobj.useraliases[key])

for rule in sobj.rules: print(rule) ```

Now, suppose you want to print out all the user specifications (rules), but you only want to see the users and hosts for each rule.

```Python from pysudoers import Sudoers

sobj = Sudoers(path="tmp/sudoers")

for rule in sobj.rules: print("%s | %s" % (",".join(rule["users"]), ",".join(rule["hosts"]))) ```

Contributing

Pull requests to add functionality and fix bugs are always welcome. Please check the CONTRIBUTING.md for specifics on contributions.

Testing

We try to have a high level of test coverage on the code. Therefore, when adding anything to the repo, tests should be written to test a new feature or to test a bug fix so that there won't be a regression. This library is setup to be pretty simple to build a working development environment using Docker or Podman. Therefore, it is suggested that you have Docker or Podman installed where you clone this repository to make development easier.

To start a development environment, you should be able to just run the dev.sh script. This script will use the Containerfile in this repository to build a container image with all the dependencies for development installed using Poetry.

Shell ./dev.sh

The first time you run the script, it should build the container image and then drop you into the container's shell. The directory where you cloned this repository should be volume mounted in to /working, which should also be the current working directory. From there, you can make changes as you see fit. Tests can be run from the /working directory by simply typing pytest as pytest has been setup to with the correct parameters.

Changelog

Changelogs are now created as part of the GitHub release process.

Versioning

Updating the version is typically done using the bump2version tool. This tool takes care of updating the version in all necessary files, updating its own configuration, and making a GitHub commit and tag. We typically do version bumps as part of a PR, so you don't want to have bump2version tag the version at the same time it does the commit as commit hashes may change. Therefore, to bump the version a patch level, one would run the command:

Shell bump2version --verbose --no-tag patch

Once the PR is merged, you can move on to do a release through GitHub.

Releases

Releases are now done through the GitHub Release system. The easiest way to create a new release draft is using the GitHub CLI (gh). For example, to create a new draft release for version 2.2.0 with autogenerated notes:

Shell gh release create '2.2.0' --draft --generate-notes --title '2.2.0'

Owner

  • Name: Broad Institute
  • Login: broadinstitute
  • Kind: organization
  • Location: Cambridge, MA

Broad Institute of MIT and Harvard

GitHub Events

Total
  • Create event: 33
  • Release event: 1
  • Issues event: 3
  • Delete event: 30
  • Issue comment event: 35
  • Push event: 35
  • Pull request review event: 13
  • Pull request event: 64
Last Year
  • Create event: 33
  • Release event: 1
  • Issues event: 3
  • Delete event: 30
  • Issue comment event: 35
  • Push event: 35
  • Pull request review event: 13
  • Pull request event: 64

Committers

Last synced: over 3 years ago

All Time
  • Total Commits: 87
  • Total Committers: 5
  • Avg Commits per committer: 17.4
  • Development Distribution Score (DDS): 0.391
Top Committers
Name Email Commits
dependabot[bot] 4****]@u****m 53
coreone c****e@u****m 19
Andrew Teixeira t****a@b****g 13
James A. Robinson j****n@g****m 1
Ian Thorne i****6@g****m 1
Committer Domains (Top 20 + Academic)

Issues and Pull Requests

Last synced: 10 months ago

All Time
  • Total issues: 5
  • Total pull requests: 222
  • Average time to close issues: 6 months
  • Average time to close pull requests: 25 days
  • Total issue authors: 5
  • Total pull request authors: 8
  • Average comments per issue: 0.4
  • Average comments per pull request: 1.12
  • Merged pull requests: 134
  • Bot issues: 0
  • Bot pull requests: 176
Past Year
  • Issues: 1
  • Pull requests: 75
  • Average time to close issues: 7 days
  • Average time to close pull requests: 5 days
  • Issue authors: 1
  • Pull request authors: 4
  • Average comments per issue: 1.0
  • Average comments per pull request: 0.83
  • Merged pull requests: 42
  • Bot issues: 0
  • Bot pull requests: 56
Top Authors
Issue Authors
  • flynn1973 (1)
  • git4al (1)
  • yaiqsa (1)
  • tomcorrigan (1)
  • Akendo (1)
Pull Request Authors
  • dependabot[bot] (174)
  • coreone (38)
  • kexirong (2)
  • jnav (2)
  • DB-37 (2)
  • backstage-bits[bot] (2)
  • jmccanta (1)
  • jimrobinson (1)
Top Labels
Issue Labels
Pull Request Labels
dependencies (174) python (125) maintenance (100) github_actions (49) ignore-for-release (17) enhancement (6) bug (2) fix (2) feature (2) wontfix (1)

Packages

  • Total packages: 1
  • Total downloads:
    • pypi 241 last-month
  • Total dependent packages: 0
  • Total dependent repositories: 1
  • Total versions: 7
  • Total maintainers: 3
pypi.org: pysudoers

Python interface to the Linux sudoers file

  • Versions: 7
  • Dependent Packages: 0
  • Dependent Repositories: 1
  • Downloads: 241 Last month
Rankings
Dependent packages count: 7.4%
Forks count: 13.4%
Average: 16.1%
Downloads: 17.3%
Stargazers count: 20.4%
Dependent repos count: 22.3%
Maintainers (3)
Last synced: 10 months ago

Dependencies

poetry.lock pypi
  • argparse 1.4.0 develop
  • astroid 2.11.6 develop
  • bleach 5.0.1 develop
  • bump2version 1.0.1 develop
  • certifi 2022.6.15 develop
  • cffi 1.15.1 develop
  • charset-normalizer 2.1.0 develop
  • codecov 2.1.12 develop
  • colorama 0.4.5 develop
  • commonmark 0.9.1 develop
  • coverage 6.4.1 develop
  • cryptography 37.0.4 develop
  • dill 0.3.5.1 develop
  • docutils 0.19 develop
  • extras 1.0.0 develop
  • fixtures 4.0.1 develop
  • green 3.4.2 develop
  • idna 3.3 develop
  • importlib-metadata 4.12.0 develop
  • isort 5.10.1 develop
  • jeepney 0.8.0 develop
  • keyring 23.6.0 develop
  • lazy-object-proxy 1.7.1 develop
  • linecache2 1.0.0 develop
  • lxml 4.9.1 develop
  • mccabe 0.7.0 develop
  • mock 4.0.3 develop
  • pathspec 0.9.0 develop
  • pbr 5.9.0 develop
  • pkginfo 1.8.3 develop
  • platformdirs 2.5.2 develop
  • pycodestyle 2.8.0 develop
  • pycparser 2.21 develop
  • pydocstyle 6.1.1 develop
  • pyflakes 2.4.0 develop
  • pygments 2.12.0 develop
  • pylama 8.3.8 develop
  • pylint 2.13.9 develop
  • pywin32-ctypes 0.2.0 develop
  • pyyaml 6.0 develop
  • readme-renderer 35.0 develop
  • requests 2.28.1 develop
  • requests-toolbelt 0.9.1 develop
  • rfc3986 2.0.0 develop
  • rich 12.4.4 develop
  • secretstorage 3.3.2 develop
  • six 1.16.0 develop
  • snowballstemmer 2.2.0 develop
  • testtools 2.5.0 develop
  • tomli 2.0.1 develop
  • traceback2 1.4.0 develop
  • twine 4.0.1 develop
  • typed-ast 1.5.4 develop
  • typing-extensions 4.3.0 develop
  • unidecode 1.3.4 develop
  • unittest2 1.1.0 develop
  • urllib3 1.26.9 develop
  • webencodings 0.5.1 develop
  • wrapt 1.14.1 develop
  • yamllint 1.26.3 develop
  • zipp 3.8.0 develop
  • toml 0.10.2
pyproject.toml pypi
  • bump2version * develop
  • codecov * develop
  • coverage >=4.4.2 develop
  • fixtures * develop
  • green >=2.12.0 develop
  • mock >=2.0.0 develop
  • pydocstyle <7 develop
  • pylama * develop
  • pylint * develop
  • testtools * develop
  • twine * develop
  • unittest2 >=1.1.0 develop
  • wheel * develop
  • yamllint * develop
  • python ^3.7
  • toml >=0.9,<0.11
.github/workflows/checks.yaml actions
  • actions/cache v3 composite
  • actions/checkout v3 composite
  • actions/setup-python v4 composite
  • codecov/codecov-action v3.1.1 composite
.github/workflows/deploy.yaml actions
  • actions/cache v3 composite
  • actions/checkout v3 composite
  • actions/setup-python v4 composite
.github/workflows/test_deploy.yaml actions
  • actions/cache v3 composite
  • actions/checkout v3 composite
  • actions/setup-python v4 composite
Dockerfile docker
  • python 3.8-slim build